Privacy Policy

When you create an account and use this website, we collect the following categories of information:

• Identity and contact: your name, email address, phone number, academic year, and major — collected when you complete your member profile.
• Ading application responses: Instagram handle, birthday, pronouns, activity level, hobbies, favorite music genre, favorite artist, favorite food, favorite TV show or movie, pamilya vibe preference, hangout size preference, weekly availability, thoughts on drinking, dislikes, pamilya dealbreakers, pamilya incompatibilities, future kuya/ate preference, MBTI type, and any additional notes you choose to share.
• Kuya/ate application responses: Instagram handle, preferred pamilya name, interest in serving as pamilya head (and phone number if applicable), and a written statement of why you want to be a kuya/ate.
• Event participation: event registrations, attendance records, and ticket check-in status — including the identity of the officer who scanned your ticket.
• Account data: your assigned role (member, officer, or admin), membership status, membership expiration date, pamilya assignment, FSA points balance, and profile photo if you choose to upload one.
• Payment records: amount paid, payment provider, and Stripe customer and session identifiers where applicable — described further in the Payment Information section.

We use the information we collect for the following purposes:

• To create and manage your member account and verify your membership status.
• To assign you to a pamilya through the internal matching process conducted by FSA officers.
• To process event registrations and issue QR code tickets.
• To track attendance and FSA points for Goodphil eligibility.
• To send transactional emails — such as registration confirmations and QR code tickets — through our email provider.
• To display your profile information to other members where relevant, such as your pamilya assignment after reveal.

We do not sell your information to third parties, and we do not use it for advertising.

Several fields in the ading application collect information of a more personal nature. These include your thoughts on drinking, pamilya dealbreakers, MBTI type, and pamilya vibe preference. These fields are voluntary and exist solely to help officers make thoughtful pamilya placements. You may write “N/A” or skip optional fields if you prefer not to share.

This information is accessible only to FSA officers and administrators conducting the matching process. It is not shown on your public member profile, not shared with other members, and not disclosed outside of the internal matching process.

The ading application includes a field asking whether there are specific FSA members you cannot be placed in a pamilya with. In answering this question, you may choose to name other members by name.

Any names you provide in these fields — including pamilya incompatibilities, pamilya dealbreakers, and future kuya/ate preferences — are used solely to inform placement decisions and are visible to FSA officers conducting or assisting with the matching process. Individuals you name are not notified that they were referenced in your application. This information is not disclosed to members outside the officer team or to third parties.

Membership dues and event ticket payments are primarily processed through Stripe. When you pay via Stripe, your card details are entered directly on Stripe’s platform and are never transmitted to or stored on UTD FSA’s servers. We retain a Stripe customer ID, checkout session ID, and payment intent ID to reconcile your payment status.

The system also supports alternate payment methods — including cash, Venmo, and Zelle — which may be accepted at officer discretion. In those cases, the payment amount and method are recorded manually by an officer rather than processed automatically. No card details are collected for these methods.

As of the date of this policy, all recorded payments have been processed through Stripe. Manual payment recording has not been used in production.

When a non-member purchases tickets to a UTD FSA event, we collect the purchaser’s name and email address, as well as the name and email address for each guest ticket. This information is used solely to generate, issue, and validate QR code tickets for event entry. Guests do not have an account on this website.

The purchaser completing checkout is required to acknowledge this Privacy Policy before submitting payment. Guests whose information is provided by the purchaser — rather than entered by the guest themselves — are notified of this policy via a link included in the QR code ticket email sent to their address. If you are a guest and would like to request deletion of your data, please contact us at the address listed in the Contact section. Your request will be handled manually by an officer or administrator.

Officers and administrators can access member application data and event registration records for purposes required to run the organization — including conducting pamilya matching, managing event check-in, and verifying membership. This access is provided through a server-side administrative client and does not expose one member’s data to another member.

Officer actions that affect member records are logged with the acting officer's identity. This includes checking in an event ticket and reviewing applications — accepting, rejecting, or otherwise changing the status of an ading or kuya/ate application records which officer made that decision and when.

This website relies on the following third-party services:

• Stripe — payment processing for membership dues and event tickets.
• Resend — transactional email delivery (registration confirmations and QR code tickets).
• Supabase — database, authentication, and backend infrastructure.
• Google — sign-in via Google OAuth. Google manages your Google account credentials; we receive only your name and email address.
• Amazon Web Services (S3) — cloud storage for cover photos and gallery images uploaded by officers.
• Vercel Analytics and Speed Insights — anonymous, aggregated site traffic and performance monitoring. This records page views, approximate geographic location, device type, and browser, but does not use cookies and does not identify you individually.

Each provider operates under its own privacy policy and data practices, which govern how it handles the data it receives.

We do not currently have an automatic data expiration or archival mechanism. Data you submit — including your member profile, application responses, event registrations, and attendance records — is retained as long as reasonably necessary to operate the organization, maintain historical records, administer membership programs, and comply with organizational requirements.

If you would like your data removed, please submit a request as described in the Your Rights section below.

You have the right to request access to the data we hold about you, to ask us to correct inaccurate information, or to request deletion of your data. To submit any of these requests, contact us using the email address in the Contact section below.

This website does not currently have a self-service data export or account deletion feature. Fulfilling your request requires a manual action performed by an FSA officer or administrator. As this process is currently informal, response times may vary; we will do our best to respond as soon as reasonably possible.

Deleting your account may affect your membership status, event history, and pamilya records. Where reasonably possible, we will try to discuss the scope and consequences with you before taking any irreversible action.